Andrew Engelbrecht [Mon, 27 Jul 2015 22:01:51 +0000 (18:01 -0400)]
prefer pub key as a fallback key for encryption
Andrew Engelbrecht [Mon, 27 Jul 2015 21:57:13 +0000 (17:57 -0400)]
issue mentioned in comment does not require a fix
Andrew Engelbrecht [Mon, 27 Jul 2015 21:55:16 +0000 (17:55 -0400)]
don't crash with bad gpg key imports
Andrew Engelbrecht [Mon, 27 Jul 2015 21:52:55 +0000 (17:52 -0400)]
catch semi-specific errors only.
Andrew Engelbrecht [Mon, 27 Jul 2015 21:50:55 +0000 (17:50 -0400)]
don't crash when given a corrupted detached sig
Andrew Engelbrecht [Mon, 27 Jul 2015 21:46:41 +0000 (17:46 -0400)]
use the un-decoded mime part in sig verificaion
this is closer to how the OpenPGP MIME spec says it should be done.
Andrew Engelbrecht [Mon, 27 Jul 2015 20:48:04 +0000 (16:48 -0400)]
Removed clearsigning verification
Clearsigning is difficult to verify for all encodings and is not a part
of RFC 3156. Inclusion in this program would encourage its use and lead
users into issues down the road when interacting with other people using
clients that do not support this out of spec feature.
Enigmail uses PGP/MIME by default so users should have an easy time not
creating clearsigned text in their messages unless they decide to paste
clearsigned text straight into a message.
Because the email self-defence guide guides the user through the steps
of installing and setting up enigmail, I am not concerned about leaving
out this feature.
Andrew Engelbrecht [Mon, 27 Jul 2015 20:34:07 +0000 (16:34 -0400)]
changed variable name
clarified the name of the reply email generator's "To:" email address
variable
Andrew Engelbrecht [Mon, 27 Jul 2015 16:49:28 +0000 (12:49 -0400)]
pick out encryption keys from nested signed text
if signed text is then encrypted as a separate step, use the signing key
as the target for encrypting the reply.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:23:33 +0000 (19:23 -0400)]
sign reply message even if not encrypting.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:06:53 +0000 (19:06 -0400)]
whitespace change
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:49 +0000 (19:05 -0400)]
more documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:16 +0000 (19:05 -0400)]
removed unused function
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:17 +0000 (17:54 -0400)]
added note about a needed code fix
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:04 +0000 (17:54 -0400)]
more function documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 21:25:48 +0000 (17:25 -0400)]
removed comment
it's no longer relevant
Andrew Engelbrecht [Fri, 24 Jul 2015 21:14:52 +0000 (17:14 -0400)]
fixed bug, removed stale code
piece_type is set to "signature", not "message" if it is an armored
signature.
we shouldn't include plaintext unless we don't need further nested
signatures.
Andrew Engelbrecht [Fri, 24 Jul 2015 20:49:22 +0000 (16:49 -0400)]
more functions documented
Andrew Engelbrecht [Fri, 24 Jul 2015 18:41:22 +0000 (14:41 -0400)]
don't use doxygen quite yet.
removed the Doxyfile
Andrew Engelbrecht [Thu, 23 Jul 2015 20:22:21 +0000 (16:22 -0400)]
added Doxyfile for doxygen comment parsing
Andrew Engelbrecht [Fri, 24 Jul 2015 18:36:43 +0000 (14:36 -0400)]
Added more documentation
using python doc strings
Andrew Engelbrecht [Fri, 24 Jul 2015 00:34:03 +0000 (20:34 -0400)]
only run main() if not in interactive mode
Andrew Engelbrecht [Fri, 24 Jul 2015 00:28:29 +0000 (20:28 -0400)]
change classes format
this way, attribute names are shown by python3's help() function
Andrew Engelbrecht [Fri, 24 Jul 2015 00:24:32 +0000 (20:24 -0400)]
added comments to the classes and main()
Andrew Engelbrecht [Thu, 23 Jul 2015 20:08:16 +0000 (16:08 -0400)]
fixed a comment
Andrew Engelbrecht [Thu, 23 Jul 2015 18:34:11 +0000 (14:34 -0400)]
don't use the 'an' language
it currently has no translations, so we should default to english.
Andrew Engelbrecht [Thu, 23 Jul 2015 17:56:48 +0000 (13:56 -0400)]
don't check message block for encryption status
if it was only an armored signature, then it had its piece_type field
changed and this code would not be reached in that case.
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:52 +0000 (13:42 -0400)]
modified .gitignore
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:06 +0000 (13:42 -0400)]
updated expected test results; added more tests
Andrew Engelbrecht [Thu, 23 Jul 2015 16:47:08 +0000 (12:47 -0400)]
check unencrypted message blocks for signatures
some message blocks aren't encrypted.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:21:57 +0000 (12:21 -0400)]
fixed some simple bugs
Andrew Engelbrecht [Thu, 23 Jul 2015 16:11:37 +0000 (12:11 -0400)]
the referenced issue is resolved
there is pubkey loading error handling in the get_key_from_fp function.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:06:08 +0000 (12:06 -0400)]
split up prepare_for_reply_pieces
also made changes to the way message blocks are handled.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:04:38 +0000 (12:04 -0400)]
updated the message flattener
it no longer prints nested layers of decrypted text.
Andrew Engelbrecht [Thu, 23 Jul 2015 15:32:54 +0000 (11:32 -0400)]
check to see if we have keys before adding them
Andrew Engelbrecht [Thu, 23 Jul 2015 15:31:33 +0000 (11:31 -0400)]
add pubkey as a fallback key
Andrew Engelbrecht [Thu, 23 Jul 2015 15:29:05 +0000 (11:29 -0400)]
a signature key should be set as a fallback key
Andrew Engelbrecht [Wed, 22 Jul 2015 23:44:17 +0000 (19:44 -0400)]
generate the encrypted mime reply
we can finally use this function again! : )
Andrew Engelbrecht [Wed, 22 Jul 2015 23:43:35 +0000 (19:43 -0400)]
only quote the message if we are going to encrypt.
Andrew Engelbrecht [Wed, 22 Jul 2015 23:42:28 +0000 (19:42 -0400)]
this belongs over here
partly because the function it was in was recursive.
Andrew Engelbrecht [Wed, 22 Jul 2015 23:38:58 +0000 (19:38 -0400)]
added a function which tries to load the pub key
Andrew Engelbrecht [Wed, 22 Jul 2015 21:39:19 +0000 (17:39 -0400)]
this will be useful later
for knowing how which nested layers of decrytion to reply with.
Andrew Engelbrecht [Wed, 22 Jul 2015 21:38:32 +0000 (17:38 -0400)]
pick out public key fingerpints from the message
this will be the key that the reply is encrypted to, if one is
available.
Andrew Engelbrecht [Wed, 22 Jul 2015 21:18:39 +0000 (17:18 -0400)]
whitespace changes
Andrew Engelbrecht [Wed, 22 Jul 2015 21:17:41 +0000 (17:17 -0400)]
return fingerprints not sig objects
Andrew Engelbrecht [Wed, 22 Jul 2015 19:59:34 +0000 (15:59 -0400)]
add signed txt, etc. if it's in an encrypted block
later there will need to be fingerprint checking to make sure that
edward can't become a decryption service for edward traffic observers.
Andrew Engelbrecht [Wed, 22 Jul 2015 19:49:37 +0000 (15:49 -0400)]
renamed variable for clarity
eddy_obj -> eddymsg_obj
Andrew Engelbrecht [Wed, 22 Jul 2015 19:47:20 +0000 (15:47 -0400)]
removed %s from end of string
it's unneeded by this version of edward.
Andrew Engelbrecht [Wed, 22 Jul 2015 19:44:02 +0000 (15:44 -0400)]
added basic mutli-language reply generation
Andrew Engelbrecht [Wed, 22 Jul 2015 19:42:03 +0000 (15:42 -0400)]
fixed detached signature verification
the indentation was wrong.
Andrew Engelbrecht [Wed, 22 Jul 2015 16:32:39 +0000 (12:32 -0400)]
some variable name changes
... to be more specific
Andrew Engelbrecht [Wed, 22 Jul 2015 16:29:02 +0000 (12:29 -0400)]
added detached sig verification
woohoo!!
Andrew Engelbrecht [Wed, 22 Jul 2015 15:50:38 +0000 (11:50 -0400)]
don't process 'None' EddyMsg objects
it would only mask bugs elsewhere in the code.
Andrew Engelbrecht [Wed, 22 Jul 2015 15:49:56 +0000 (11:49 -0400)]
don't pass back the object pointer
because it is unchanged.
Andrew Engelbrecht [Wed, 22 Jul 2015 14:02:30 +0000 (10:02 -0400)]
fixed bug
which occurred when the parsed email did not have a "To: " field.
Andrew Engelbrecht [Wed, 22 Jul 2015 13:59:55 +0000 (09:59 -0400)]
language support requires the translation files
this commit adds them.
Andrew Engelbrecht [Wed, 22 Jul 2015 01:19:03 +0000 (21:19 -0400)]
added the beginnings of language support
Andrew Engelbrecht [Wed, 22 Jul 2015 00:27:08 +0000 (20:27 -0400)]
moved function
Andrew Engelbrecht [Wed, 22 Jul 2015 00:26:22 +0000 (20:26 -0400)]
renamed function
Andrew Engelbrecht [Tue, 21 Jul 2015 23:53:03 +0000 (19:53 -0400)]
move this here
Andrew Engelbrecht [Tue, 21 Jul 2015 23:51:51 +0000 (19:51 -0400)]
notice when there isn't gpg data available
which happens when gpg doesn't get valid or complete input
Andrew Engelbrecht [Tue, 21 Jul 2015 23:51:13 +0000 (19:51 -0400)]
avoid a certain type of bug
Andrew Engelbrecht [Tue, 21 Jul 2015 23:32:40 +0000 (19:32 -0400)]
added clearsigning verification
this is all coming along nicely...
Andrew Engelbrecht [Tue, 21 Jul 2015 23:17:58 +0000 (19:17 -0400)]
ported key importing capability
Andrew Engelbrecht [Tue, 21 Jul 2015 23:15:11 +0000 (19:15 -0400)]
remove unused functions
Andrew Engelbrecht [Tue, 21 Jul 2015 22:55:19 +0000 (18:55 -0400)]
simple performance optimization
by not trying to re-scan and re-split gpg data
Andrew Engelbrecht [Tue, 21 Jul 2015 22:13:45 +0000 (18:13 -0400)]
for better debug functionality
now you can debug(obj_whatever)
Andrew Engelbrecht [Tue, 21 Jul 2015 22:13:33 +0000 (18:13 -0400)]
simplification of code
Andrew Engelbrecht [Tue, 21 Jul 2015 22:13:18 +0000 (18:13 -0400)]
added decryption function
Andrew Engelbrecht [Tue, 21 Jul 2015 22:09:21 +0000 (18:09 -0400)]
created higher order function used by flatten_eddy
it will also be used by the decryption function.
Andrew Engelbrecht [Tue, 21 Jul 2015 17:23:28 +0000 (13:23 -0400)]
don't crash if a byte string can't be decoded
Andrew Engelbrecht [Tue, 21 Jul 2015 07:20:03 +0000 (03:20 -0400)]
more useful ./run-tests output
Andrew Engelbrecht [Tue, 21 Jul 2015 07:17:06 +0000 (03:17 -0400)]
progress made toward implementing a better parser
this should make detached signature verification easier and prevent
adding its contents multiple times. it should also give finer-grained
control over what decrypted and/or signed parts to include in a reply.
Andrew Engelbrecht [Tue, 21 Jul 2015 00:01:30 +0000 (20:01 -0400)]
added the beginnings of detached sig verification
also added some test cases.
Andrew Engelbrecht [Mon, 20 Jul 2015 23:45:33 +0000 (19:45 -0400)]
added test of corrupted encryption blocks.
Andrew Engelbrecht [Mon, 20 Jul 2015 23:06:06 +0000 (19:06 -0400)]
Pass around fingerprints instead of gpgme keys
Keys used for encryption are not alway available. Trying to get the key
from a fingerprint sometimes caused edward to crash. It's a better idea
to pass around fingerprints rather than key objects. This method should
also be faster.
Andrew Engelbrecht [Mon, 20 Jul 2015 23:03:20 +0000 (19:03 -0400)]
updated the test files and added another gpg key
so everyone is capable of running the tests
Andrew Engelbrecht [Mon, 20 Jul 2015 21:44:24 +0000 (17:44 -0400)]
further generalization of the testing features
Andrew Engelbrecht [Mon, 20 Jul 2015 20:47:07 +0000 (16:47 -0400)]
further generalization of the testing script
Andrew Engelbrecht [Mon, 20 Jul 2015 20:02:30 +0000 (16:02 -0400)]
automatically find the tests directory
... relative to the directory containing run-tests
Andrew Engelbrecht [Mon, 20 Jul 2015 19:43:27 +0000 (15:43 -0400)]
partially generalized the testing suite
Andrew Engelbrecht [Mon, 20 Jul 2015 19:27:18 +0000 (15:27 -0400)]
update test suite to compare mime-decoded messages
Andrew Engelbrecht [Mon, 20 Jul 2015 19:20:55 +0000 (15:20 -0400)]
ignore the __pycache__ directory
Andrew Engelbrecht [Mon, 20 Jul 2015 19:19:19 +0000 (15:19 -0400)]
there is no reason to track random_seed
it is regularly updated by gnupg and we don't need to commit changes to
that file.
Andrew Engelbrecht [Mon, 20 Jul 2015 19:15:05 +0000 (15:15 -0400)]
ignore changes to the gnupg random seed file
Andrew Engelbrecht [Mon, 20 Jul 2015 19:12:45 +0000 (15:12 -0400)]
./run-tests is part of the testing suite.
Andrew Engelbrecht [Mon, 20 Jul 2015 19:10:25 +0000 (15:10 -0400)]
added the beginning of a testing suite to edward
automated testing is helpful.
Andrew Engelbrecht [Mon, 20 Jul 2015 17:44:07 +0000 (13:44 -0400)]
added .gitignore
Andrew Engelbrecht [Mon, 20 Jul 2015 15:59:22 +0000 (11:59 -0400)]
fix copyright header
i am not the primary author of the config file.
Andrew Engelbrecht [Mon, 20 Jul 2015 15:25:01 +0000 (11:25 -0400)]
check for keys in plaintext in decrypted blocks
if the message is hand-rolled with gpg, there might be a key in there.
but don't bother with recursive decryption unless they are using mime.
Andrew Engelbrecht [Mon, 20 Jul 2015 00:03:34 +0000 (20:03 -0400)]
simplified unattractive code
Andrew Engelbrecht [Mon, 20 Jul 2015 00:02:27 +0000 (20:02 -0400)]
upgraded the debug function
Andrew Engelbrecht [Sun, 19 Jul 2015 23:49:10 +0000 (19:49 -0400)]
search text/plain for keys and encoded messages
also don't scan the outer-most layer for keys because that gives
corrupted files. they are still accessible under the content type of
text/plain, even if the email's not a mime-formatted message.
Andrew Engelbrecht [Sun, 19 Jul 2015 23:44:08 +0000 (19:44 -0400)]
don't crash when given an invalid public key block
Andrew Engelbrecht [Sun, 19 Jul 2015 23:18:26 +0000 (19:18 -0400)]
fixed crash when receiving tampered encrypted msgs
edward now shouldn't crash when receiving a corrupted gpg encryption
block.
Andrew Engelbrecht [Sun, 19 Jul 2015 22:58:56 +0000 (18:58 -0400)]
variable name changes, small function removal
Andrew Engelbrecht [Sun, 19 Jul 2015 22:32:24 +0000 (18:32 -0400)]
fixed key format bug
Andrew Engelbrecht [Sun, 19 Jul 2015 21:44:26 +0000 (17:44 -0400)]
add imported keys to list of keys for encryption
only one will be used.
Andrew Engelbrecht [Sun, 19 Jul 2015 21:34:38 +0000 (17:34 -0400)]
added key importing feature
Andrew Engelbrecht [Sun, 19 Jul 2015 21:34:01 +0000 (17:34 -0400)]
added a debug function